Jump to content

help with register globals

Riparian

By Riparian
in PHP Coding Help

 Share
Go to solution Solved by requinix,

Recommended Posts

Riparian Regular Member

Riparian

Posted
Posted
10 years ago I wrote a large site without declaring the variables which was no problem at the time. For the last few years it has been the head-in-the-sand approach but now I have to make it right.

 

There are thousands of these that kick out errors with register globals depreciated and this will eventually stop the site from working all together.

 

Does anyone know of a simple or expedient way approach this problem ?

 

Any help is greatly appreciated

 

Cheers

Link to comment
Share on other sites
  • Solution
requinix Prolific Member

requinix

Posted
  • Solution
Posted

If you have stuff written from back when register_globals was acceptable then it's been a very long time and your code probably needs a once-over. Not just for this problem but potentially others.

 

Otherwise the best thing you can do is fix the code. Really. It might take a while but all you need is stuff like

$variable = (isset($_GET["variable"]) ? $_GET["variable"] : "reasonable default value");
or

if (isset($_GET["variable"])) {
	$variable = $_GET["variable"];
} else {
	// show an error
}
Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted (edited)

it depends is what the 'logout' index is intended to be a part of and how it is being used in the code. it could be $_POST, $_GET, or some other array. the context for each program variable that you are fixing needs to be taken into account.

 

two other big problems you are going to have with older code that will require doing a rewrite are -

 

1) php used to try and escape input data, hoping that if you put it into an sql query statement, that it would prevent sql injection and sql special characters in the data from breaking the sql syntax. this 'feature' has been completely removed, so it's up to your code to either escape string data that's being used in sql query statements or use prepared queries.

 

2) the php version where the mysql_ database statements have been removed has already been released. if you or your web host upgrades to php version 7, all code that's using mysql_ functions will cease to work. the best choice for a replacement is to use the PDO class. this will also make using prepared queries the cleanest.

 

if you really have 1000's of php variables that are affected by the removal of register_globals, it may be time to refactor your code to dynamically process and produce forms or dynamically produce logical pages using a single main page, using a data driven design, rather than to hard-code each and every variable, multiple times in any script or repeat pages that only differ in the content that's being displayed on them. producing a data driven design, also tends to result in DRY (Don't Repeat Yourself) programming, where repetitive program logic and markup are reduced, which in turn makes it easier to change or fix anything, since the logic or markup for any particular functionality only exists in the code once.

Edited by mac_gyver
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.